Lightweight Directory Access Protocol (LDAP)

An open, vendor neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network

LDAP Injection

• An application attack that targets web-based applications by fabricating LDAP statements that are typically created by user input
• Use input validation and input sanitization as protection against an LDAP injection attack

Command Injection

• Occurs when a threat actor is able to execute arbitrary shell commands on a host via a vulnerable web application

Process Injection

• Method of executing arbitrary code in the address space of a separate live process
• There are many different ways to inject code into a process:
  1. Injection through DLLs
  2. Thread Execution Hijacking
  3. Process Hollowing
  4. Process Doppel Ganging
  5. Asynchronous Procedure Calls
  6. Portable Executable Injections
• Mitigation includes:
  • Endpoint security solutions that are configured to block common sequences of attack behavior
  • Security Kernel Modules
  • Practice of Least Privilege